Online Banking and Bill Pay Log In


Security Information

Protect Yourself from Identity Theft and Fraud

Your trust is important to us – and we want to help you guard your personal information and protect yourself from identity theft and fraud. Identity theft education is key to fraud protection, and the best line of defense against fraud begins with you. Understanding the different types of fraud will help you avoid becoming a victim.

We do not contact customers via email, phone or text message to request or verify personal or company information, including account numbers, passwords, personal identification numbers (PINs), Social Security numbers, or Tax ID numbers for security or any other purposes.

For your protection and privacy, our representatives will ask for certain information to verify your identity when you contact us.

You should monitor your accounts and bank statements each month and check your credit reports on a regular basis. Any lost cards, checks, bank statements or internet banking login credentials should be reported to us immediately.

What is Identity Theft?

Identity theft (ID theft) occurs when someone assumes another person’s personal identifying information (e.g., a name, social security number or date of birth) with the intent of committing fraud. Identity theft is often characterized as the largest growing crime in America. Experts estimate it takes fourteen months for an average victim to discover an identity theft and approximately two years to correct credit information.

Your identity can be stolen in a variety of ways:

  •  Loss or theft of your wallet, purse, or credit card
  • Mail theft
  • Skimming information from the magnetic strip on credit or debit cards
  • “Dumpster diving” through the trash
  • “Shoulder surfing” — looking over your shoulder when you are entering a PIN or password
  • Eavesdropping
  • Scam phone calls where a stranger asks for personal or financial information
  • Computer hacking
  • Phishing and Spyware

How does identity theft work?

Using one or more of the methods identified above, the fraudster obtains key pieces of personal information (e.g., Social Security number, driver’s license number, home address, etc.) that is then used to open new bank accounts in your name, apply for mortgages, apply for credit, etc.

Phishing, SMishing, Vishing

Phishing occurs when a fraudster impersonates a legitimate company or organization using e-mail, faxes, and/or Web sites in an attempt to lure recipients into revealing confidential information. This is the “bait.” The messages are well crafted and often difficult to distinguish from those of the companies they impersonate.

What should you be looking for?

Although these forms of attack are designed to be nearly impossible to distinguish from legitimate e-mails, telephone messages or text messages, there are some common signs you can look for:

  • Attackers urge the recipient to click on the link (phishing & SMiShing) or call a telephone number (vishing & SMiShing) to update or verify account information, re-activate an account or cancel an order.
  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
  • Attacks are not consistent with other e-mails, telephone messages or text messages from the business.
  • Messages do not contain any personalization that shows the sender knows something about the recipient’s account (e.g. the recipient’s name, the last four digits of their account number, or other information).
  • Attacks often contain spelling errors and bad grammar.
  • Attacks using SMiShing often indicate the message came from the number “5000” instead of displaying an actual telephone number.
  • Messages often claim the user has ordered something that they never ordered.

What should you do if you receive a suspicious e-mail, telephone message or text?

  • Do not respond.
  • If you are unsure of the authenticity of the message, call the company to verify they actually sent it or inquire about why they need your information. Use a telephone number you know is legitimate (e.g., one on your most recent statement). Do NOT call the one in the e-mail, telephone message or text message.
  • If it is an e-mail or text message that appears to be from us, please contact us immediately to help track the phishers, shut down the fraudulent sites or disconnect fraudulent telephone numbers.
  • If it appears to be from another company or financial institution, you can forward it to the Anti-Phishing Working Group at reportphishing@antiphishing.org.
  • Once you have reported the message, delete it from your Inbox or mobile device.
  • If you responded to the message and provided information, please contact us immediately.

How can I protect myself/my business?

  • Education is your best defense. Know what to look for and what to do. It is very important to note that no financial institution will ever send you an e-mail asking you to verify or supply personal information, such as:
    • User ID
    • Password
    • Social Security Number
    • Card or Account Number
    • Credit Card Security Code (CCV)
  • Never open unsolicited e-mails from unknown e-mail addresses.
  • Never send personal information via e-mail unless it is to a trusted source and you use some type of encryption.
  • Install a firewall and both antivirus and anti-spyware software. Keep your virus definitions and browser and security software current.
  • Exercise reasonable care when downloading software and opening e-mail attachments. Never download or open an e-mail attachment from an unknown e-mail address.
  • Have your computer analyzed by a qualified technician if you suspect your computer is running abnormally, you are receiving an unusual amount of “pop-up” pages, or you notice that you are being redirected to other Web pages.

Malware

  • Malware or “malicious software” is designed to infiltrate or damage a computer system without the owner’s knowledge or informed consent. Software is considered Malware based on the creator’s perceived intent rather than any particular features the software may include. The term Malware covers a host of software including computer viruses, worms, Trojan horses, spyware, and other malicious software.

How does Malware work?

Malware is a significant problem. Malicious programs are now considered aggressive and sophisticated, often using a combination of techniques to accomplish their objective. Malware that combines exploitation of a flaw in operating system, browser software, or other applications (e.g., iTunes, Adobe, etc.) with viruses and other Malware is quickly growing in popularity.

Malware for personal smartphones and other mobile devices has now entered the market as well. As mobile devices continue to grow in popularity, so too will this form of Malware.

Spyware, Trojan horses, and key loggers are becoming increasingly popular with criminals, including organized crime. These programs can be used to obtain confidential information about the user of the infected computer, such as account numbers and PINs, login credentials, the contents of e-mail, even Internet habits, and the resulting data can easily be sold or used directly to perpetrate fraud.

As a result of Malware, users may find that their computers have become part of a botnet. A botnet is a collection of software robots, or bots, that run autonomously and automatically. While the term “botnet” can be used to refer to any group of bots, this word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via worms, Trojan horses, or backdoors, under a common command-and-control infrastructure. If you take the necessary steps to limit your exposure to Malware, your computer will be less likely to become part of a botnet.

What should I be looking for?

Although the phishing attacks that lead to Malware are designed to be nearly impossible to distinguish from legitimate e-mail messages, there are some common signs you can look for:

  • Attackers urge the recipient to click on the link to update or verify account information, re-activate an account, or cancel an order.
  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
  • Attacks are not consistent with other e-mail messages from the business.
  • Messages do not contain any personalization: the recipient’s name, the last four digits of their account number, or other information that shows that the sender knows something about the recipient’s account.
  • Attacks often contain spelling errors and bad grammar.
  • Messages often claim the user has ordered something that they never ordered.

What should you do if you receive a suspicious e-mail?

  • Do not respond.
  • If you are unsure of its authenticity, call a phone number you trust such as the one on your most recent statement, NOT the one in the e-mail, to verify the company actually sent it and to inquire about why they need your information.
  • If it is an e-mail message that appears to be from us, contact us immediately to help track the phishers and shut down the fraudulent sites or disconnect fraudulent phone numbers.
  • If it appears to be from another company or financial institution, you can forward it to the Anti-Phishing Working Group at reportphishing@antiphishing.org.
  • Delete the message from your Inbox.
  • If you responded to the message and provided information, contact us immediately.

How can I protect myself/my business?

  • Don’t open attachments from unsolicited e-mails at work or at home. This is the most common way computers become infected with malware.
  • Install a firewall to prevent unauthorized access.
  • Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date.

Try to avoid spyware altogether by taking the following steps before loading software onto your home computer:

  • Read the license agreement.
  • Search the Internet for spyware reports. Use the software’s name and the word ‘spyware’ as your search keywords.
  • Do not allow anyone to access your computer without your knowledge. Keep your computer turned off or locked when you’re not using it.
  • Never use the “save ID and password” option.
  • Never write your user ID and/or password on a piece of paper and leave it near your computer.
  • Install updates and patches for your home computer’s operating system and all of your installed applications (e.g., iTunes, etc.).